Skip to content

Commit d2f4fcb

Browse files
maxvpmaxvp
committed
Add notes
1 parent c738502 commit d2f4fcb

File tree

1 file changed

+5
-3
lines changed
  • src/content/docs/cloudflare-one/policies/gateway/tiered-policies

1 file changed

+5
-3
lines changed

src/content/docs/cloudflare-one/policies/gateway/tiered-policies/index.mdx

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,7 @@ sidebar:
99
Only available on Enterprise plans. For more information, contact your account team.
1010
:::
1111

12-
{/* TODO: Update the Orgs link with most up to date option */}
13-
14-
Gateway supports using [Cloudflare Organizations](/fundamentals/organizations/) to share configurations between and apply specific policies to accounts within an organization. Tiered organizational policies support [DNS](/cloudflare-one/policies/gateway/dns-policies/), [network](/cloudflare-one/policies/gateway/network-policies/), [HTTP](/cloudflare-one/policies/gateway/http-policies/), and [resolver](/cloudflare-one/policies/gateway/resolver-policies/) policies.
12+
Gateway supports using [Cloudflare Organizations](/fundamentals/organizations/) to share configurations between and apply specific policies to accounts within an organization. Tiered Gateway policies with Organizations support [DNS](/cloudflare-one/policies/gateway/dns-policies/), [network](/cloudflare-one/policies/gateway/network-policies/), [HTTP](/cloudflare-one/policies/gateway/http-policies/), and [resolver](/cloudflare-one/policies/gateway/resolver-policies/) policies.
1513

1614
## Get started
1715

@@ -25,6 +23,8 @@ The Gateway Tenant platform supports tiered and siloed account configurations.
2523

2624
### Tiered accounts
2725

26+
{/* TODO: Rename this section and check if siloed accounts are relevant (potentially fix H2 preamble above). Fix the flow to match Orgs config. */}
27+
2828
In a tiered account configuration, a top-level source account enforces global security policies that apply to all of its recipient accounts. Recipient accounts can add policies as needed while still being managed by the source account. Organization owners can also configure recipient accounts independently from the source account, including:
2929

3030
- Configuring a [custom block page](/cloudflare-one/policies/gateway/block-page/)
@@ -65,6 +65,8 @@ flowchart TD
6565
n5@{ shape: lean-l}
6666
```
6767

68+
{/* TODO: Decide best way to surface limitations. Separate section? */}
69+
6870
:::caution[Limitations]
6971
Tiered policies do not support egress policies, device posture selectors, private apps, or virtual networks.
7072
:::

0 commit comments

Comments
 (0)